package com.chidopi.market.aa.domain;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.List;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.userdetails.UserDetails;

import com.chidopi.market.util.IPasswordState;
import com.chidopi.market.util.PasswordEncoder;
import com.ibm.icu.util.Calendar;

public class UserDetailsImpl implements UserDetails, IPasswordState{
	private static Logger logger = LoggerFactory.getLogger(UserDetailsImpl.class);
	private static final long serialVersionUID = 1L;
	private String username;
	private String password;
	private boolean enabled;
	private boolean accountNonExpired;
	private boolean accountNonLocked;
	private Accounts account;
	private boolean passNeedEncoded;

	public UserDetailsImpl(String username, String password) {
		this.username = username;
		this.password = password;
	}

	public UserDetailsImpl(Accounts account) {
		this.account = account;
		this.username = account.getUsername();
		this.password = account.getPassword();
		this.enabled = "Y".equals(account.getEnable_flag()) ? true : false;
		Date today = Calendar.getInstance().getTime();
		if (account.getEffective_end_date() == null || today.before(account.getEffective_end_date())) {
			if (account.getEffective_start_date() == null || today.after(account.getEffective_start_date())) {
				this.accountNonExpired = true;
			} else {
				this.accountNonExpired = false;
			}
		} else {
			this.accountNonExpired = false;
		}

		this.accountNonLocked = !(account.getLock_end_date() != null &&
			today.before(account.getLock_end_date()) &&
			account.getLock_start_date() != null &&
			today.after(account.getLock_start_date()));
		logger.debug("enabled=" + this.enabled);
		logger.debug("accountNonExpired=" + this.accountNonExpired);
		logger.debug("accountNonLocked=" + this.accountNonLocked);
		
		this.passNeedEncoded = account.isPassNeedEncode();
		// 密碼為初始需手動加密，方便SS3密碼校驗
		if(passNeedEncoded){			
		    this.password = PasswordEncoder.encode(password, account.getUsername());
		}
		logger.debug("isPassNeedEncoded=" + this.passNeedEncoded);
	}

	public Collection<GrantedAuthority> getAuthorities() {
		List<GrantedAuthority> grantedAuthorities =
			new ArrayList<GrantedAuthority>();
			        grantedAuthorities.add(new GrantedAuthorityImpl("ROLE_USER"));
		return grantedAuthorities;
	}

	public String getPassword() {
		return this.password;
	}

	public String getUsername() {
		return this.username;
	}

	public boolean isAccountNonExpired() {
		return this.accountNonExpired;
	}

	public boolean isAccountNonLocked() {
		return this.accountNonLocked;
	}

	public boolean isCredentialsNonExpired() {
		return true;
	}

	public boolean isEnabled() {
		return this.enabled;
	}

	public Accounts getAccount() {
		return this.account;
	}

	public boolean isPassNeedEncode() {
		return passNeedEncoded;
	}
}
